Last active
February 10, 2020 13:20
-
-
Save Lynnesbian/21dcb3b816c0a36b1311bfb1ef96fe74 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# check to make sure everything we need is installed | |
dependencies=(curl jq xz gpg sha256sum) | |
for dep in "${dependencies[@]}"; do | |
if ! which $dep &> /dev/null; then | |
echo "This script requires $dep to be installed and available on your PATH." | |
exit 1 | |
fi | |
done | |
if ! which systemctl &> /dev/null; then | |
echo "This script uses systemctl to start and stop the gitea service, and does not support other init systems." | |
exit 1 | |
fi | |
j=`curl --silent "https://api.github.com/repos/go-gitea/gitea/releases/latest"` | |
# j=`cat out.json` | |
version=`echo "$j" | jq -r .tag_name` | |
if [[ $1 == '-s' ]]; then | |
echo "Updating gitea to $version..." | |
else | |
echo "Gitea will be updated to $version. Press enter to continue." | |
read | |
fi | |
echo "Changelog:" | |
echo "$j" | jq -r '.body' | |
# get a list of assets (downloads) for linux-amd64 from the release info | |
assets=`echo "$j" | jq -r '.assets[] | select (.name | contains("linux-amd64.xz")) | .url'` | |
urls=() | |
# get the actual downloadable URL for each asset | |
echo "Getting asset URLs..." | |
while read line; do | |
response=`curl --silent "$line"` | |
url=`echo "$response" | jq -r ".browser_download_url"` | |
urls+=("$url") | |
done <<<`echo "$assets"` | |
# rename files to make things easier | |
for url in "${urls[@]}"; do | |
out='gitea.xz' | |
case "$url" in | |
*.sha256) | |
out+='.sha256' | |
;; | |
*.asc) | |
out+='.asc' | |
;; | |
*.xz) | |
true | |
;; | |
*) | |
# bad extension | |
echo "I don't know how to handle $url!" | |
exit 1 | |
;; | |
esac | |
echo "Downloading $url..." | |
curl -o "$out" -LC - "$url" | |
done | |
# update the sha256 file to reflect the changed filename | |
sed -Ei 's/ .*/ gitea.xz/' gitea.xz.sha256 | |
# check sha256 | |
echo "Verifying checksum..." | |
if ! sha256sum -c gitea.xz.sha256 &> /dev/null; then | |
echo "SHA256 validation failed!" | |
exit 1 | |
fi | |
# import gitea's public key for signed builds, but only if it hasn't already been imported | |
# TODO: the key is currently hardcoded, which will be an issue if gitea changes their key | |
echo "Verifying PGP signature..." | |
key="7C9E68152594688862D62AF62D9AE806EC1592E2" | |
if ! gpg --list-key $key &> /dev/null; then | |
gpg --keyserver pgp.mit.edu --recv $key | |
fi | |
# check signature | |
if ! gpg --verify gitea.xz.asc gitea.xz &> /dev/null; then | |
echo "PGP verification failed!" | |
exit 1 | |
fi | |
echo "Extracting gitea.xz..." | |
xz -d --stdout gitea.xz > gitea-new | |
echo "Stopping gitea service..." | |
systemctl stop gitea | |
echo "Replacing files and cleaning up..." | |
mv gitea gitea-old | |
mv gitea-new gitea | |
rm gitea.xz.sha256 | |
rm gitea.xz.asc | |
rm gitea.xz | |
echo "Setting permissions..." | |
chown git gitea | |
chmod +x gitea | |
echo "Starting gitea..." | |
systemctl start gitea | |
echo "Done." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment